-
Tue Mar 07 2023 Kevin Lyons <kevin.x.lyons@oracle.com> [3.10.0-1160.88.1.0.2.el7.OL7]
- md/raid5: fix oops during stripe resizing (Ritika Srivastava) [Orabug: 34048726]
- blk-mq: Remove generation seqeunce (Ritika Srivastava) [Orabug: 33964689]
- block: init flush rq ref count to 1 (Ritika Srivastava) [Orabug: 33964689]
- block: fix null pointer dereference in blk_mq_rq_timed_out() (Ritika Srivastava) [Orabug: 33964689]
- [xen/netfront] stop tx queues during live migration (Orabug: 33446314)
- [xen/balloon] Support xend-based toolstack (Orabug: 28663970)
- [x86/apic/x2apic] avoid allocate multiple irq vectors for a single interrupt on multiple cpu, otherwise irq vectors would be used up when there are only 2 cpu online per node. [Orabug: 28691156]
- [bonding] avoid repeated display of same link status change. [Orabug: 28109857]
- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [Orabug: 22552377
- kexec: Increase KEXEC_AUTO_RESERVED_SIZE to 256M [Orabug: 31517048]
-
Tue Mar 07 2023 Kevin Lyons <kevin.x.lyons@oracle.com> [3.10.0-1160.88.1.0.1.el7.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}
-
Tue Mar 07 2023 Kevin Lyons <kevin.x.lyons@oracle.com> [3.10.0-1160.88.1.el7.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9.el7
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
-
Sat Feb 18 2023 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.88.1.el7]
- KVM: x86: add bit to indicate correct tsc_shift (Marcelo Tosatti) [2152838]
- KVM: x86: rewrite handling of scaled TSC for kvmclock (Marcelo Tosatti) [2152838]
- KVM: x86: rename argument to kvm_set_tsc_khz (Marcelo Tosatti) [2152838]
-
Fri Feb 10 2023 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.87.1.el7]
- Revert "openvswitch: fix flow actions reallocation" (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- Revert "openvswitch: fix OOB access in reserve_sfa_size()" (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- kvm/emulate: Fix SETcc emulation function offsets with SLS (Vitaly Kuznetsov) [2143438]
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (Rafael Aquini) [2138620] {CVE-2022-42703}
- mm, rmap: handle anon_vma_prepare() common case inline (Rafael Aquini) [2138620] {CVE-2022-42703}
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Wander Lairson Costa) [2152565] {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Wander Lairson Costa) [2152565] {CVE-2022-4378}
- scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts (Nilesh Javali) [2092105]
- fs: move S_ISGID stripping into the vfs_*() helpers (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
- fs: Add missing umask strip in vfs_tmpfile (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
- fs: add mode_strip_sgid() helper (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
-
Thu Feb 02 2023 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.86.1.el7]
- openvswitch: fix OOB access in reserve_sfa_size() (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- openvswitch: fix flow actions reallocation (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- gitlab-ci: use CI templates from production branch (Michael Hofmann)
- mm: prevent page_frag_alloc() from corrupting the memory (Rafael Aquini) [2141062]
- mm: Use fixed constant in page_frag_alloc instead of size + 1 (Rafael Aquini) [2141062]
- mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs (Rafael Aquini) [2141062]
- x86/pat: Pass valid address to sanitize_phys() (Jeff Moyer) [1974485]
-
Thu Jan 19 2023 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.85.1.el7]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_b (Xin Long) [2054037]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_a (Xin Long) [2054037]
- sctp: handle errors when updating asoc (Xin Long) [2054037]
- sctp: no need to check assoc id before calling sctp_assoc_set_id (Xin Long) [2054037]
- s390/topology: fix warning when disabling cpus (Tobias Huschle) [2071980]
-
Thu Jan 12 2023 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.84.1.el7]
- blk-mq: fix flush-rq race (Ming Lei) [2088029]
- scsi: target: iscsi: Fix a race condition between login_work and the login thread (Maurizio Lombardi) [2154243]
-
Mon Dec 19 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.83.1.el7]
- x86/sme: avoid using __x86_return_thunk (Rafael Aquini) [2122158]
- scsi: core: Simplify control flow in scmd_eh_abort_handler() (Ewan D. Milne) [2128337]
- scsi: core: Avoid leaving shost->last_reset with stale value if EH does not run (Ewan D. Milne) [2128337]
- [netdrv] i40e: Fix freeing of uninitialized misc IRQ vector (Jamie Bainbridge) [2129248]
- x86/speculation: Use generic retpoline by default on AMD (Rafael Aquini) [2062165] {CVE-2021-26401}
-
Thu Dec 08 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.82.1.el7]
- net: usb: ax88179_178a: Fix packet receiving (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- net: usb: ax88179_178a: fix packet alignment padding (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- mm: swap: disable swap_vma_readahead for PPC64 (Rafael Aquini) [2142455]